Connection to AWS Transfer SFTP: Connection reset by peer

0

How to connect to an AWS Transfer SFTP endpoint from an EC2 instance? Currently from EC2, the connection is interrupted with a Connection reset by peer message:

```
sftp -i <privatekey> -v user@<endpoint>.server.transfer.ap-southeast-2.amazonaws.com
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 58: Applying options for *
debug1: Connecting to <endpoint>.server.transfer.ap-southeast-2.amazonaws.com [ServerPrivateIp] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: key_load_public: No such file or directory
debug1: identity file sftp_id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file sftp_id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version AWS_SFTP_1.1
debug1: no match: AWS_SFTP_1.1
debug1: Authenticating to <endpoint>.server.transfer.ap-southeast-2.amazonaws.com:22 as 'user'
debug1: SSH2_MSG_KEXINIT sent
Connection closed by ServerPrivateIp port 22
Couldn't read packet: Connection reset by peer
```

asked a year ago, 775 views
1 Answer
0

From the client output provided, it seems you are able to establish a TCP connection and start the protocol negotiation, though something is failing at the start of key exchange.

This could happen for a number of reasons, but I'd first suggest checking the encryption algos/ciphers supported by the client vs what is configured in the security policy for the server, or if you have logging configured for the server but the IAM role is not able to be assumed by the service.

https://docs.aws.amazon.com/transfer/latest/userguide/security-policies.html
https://docs.aws.amazon.com/transfer/latest/userguide/monitoring.html#monitoring-enabling

If you are continuing to not be able to connect after this, I would recommend opening a case with support as more information regarding the server and client may be needed to troubleshoot.

AWS
Brian C
answered a year ago
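One way to run the client-versus-policy comparison suggested in the answer, as an added example that is not part of the original answer or AWS's own code. It assumes the client's offered algorithms come from `ssh -G <host>` and the server's from `aws transfer describe-security-policy --security-policy-name <name>`; the function names are hypothetical and both sample inputs are constructed.

```python
import json

# ssh -G keyword -> field in the describe-security-policy JSON output.
FIELDS = {"kexalgorithms": "SshKexs", "ciphers": "SshCiphers", "macs": "SshMacs"}


def parse_ssh_g(text):
    """Extract the algorithm lists the client will offer from `ssh -G <host>` output."""
    offered = {}
    for line in text.splitlines():
        key, _, value = line.strip().partition(" ")
        if key.lower() in FIELDS:
            offered[key.lower()] = [a for a in value.split(",") if a]
    return offered


def compare(ssh_g_text, policy_json):
    """Return {keyword: algorithms common to client and policy}, in client preference order."""
    offered = parse_ssh_g(ssh_g_text)
    policy = json.loads(policy_json)["SecurityPolicy"]
    return {
        key: [a for a in offered.get(key, []) if a in set(policy.get(field, []))]
        for key, field in FIELDS.items()
    }


def mismatches(result):
    """Keywords with no shared algorithm: negotiation cannot succeed for these."""
    return [key for key, common in result.items() if not common]


# Constructed sample inputs (not a real client dump or a real AWS policy).
SAMPLE_SSH_G = """\
user user
port 22
ciphers aes128-ctr,aes256-gcm@openssh.com
macs hmac-sha1,hmac-sha2-256-etm@openssh.com
kexalgorithms diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256
"""
SAMPLE_POLICY = json.dumps({"SecurityPolicy": {
    "SecurityPolicyName": "EXAMPLE-POLICY",
    "SshKexs": ["curve25519-sha256", "diffie-hellman-group16-sha512"],
    "SshCiphers": ["aes256-gcm@openssh.com", "aes128-gcm@openssh.com"],
    "SshMacs": ["hmac-sha2-256-etm@openssh.com", "hmac-sha2-512-etm@openssh.com"],
}})

if __name__ == "__main__":
    result = compare(SAMPLE_SSH_G, SAMPLE_POLICY)
    for key, common in result.items():
        print(f"{key:14s} {'OK' if common else 'NO OVERLAP'} {common}")
```

`ssh -G` reflects the effective client configuration for that host, so it also catches algorithms disabled in `ssh_config`, which `ssh -Q` would still list as supported by the binary.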
